Internet-of things-oriented equipment anonymous identity authentication method and system

Abstract

The invention belongs to the technical field of equipment identity authentication in an internet of things environment, and discloses an internet-of things-oriented equipment anonymous identity authentication method and system, the internet-of things-oriented equipment anonymous identity authentication method comprises the following steps: defining a communication model; selecting system parameters; initializing the system; registering equipment; calculating a private key and a temporary secret value; decrypting the ciphertext by using the temporary secret value; carrying out equipment authentication and key negotiation; and judging. The method has anonymity, and the real identity of the equipment and the relation between the equipment are not exposed in the interaction process; the method has the advantages of low power consumption, consideration of factors of limited processing and communication capabilities of sensor equipment, reduction of the calculation amount, the number of communication rounds and the storage overhead of a protocol, and adoption of elliptic curve point multiplication, hash function and XOR operation in other stages except for calculation of a temporary key by using bilinear mapping in an equipment registration stage; and the method has security, can successfully resist common Internet of Things attacks, and is well suitable for the Internet of Things terminal with limited resources.

Description

technical field [0001] The invention belongs to the technical field of device identity authentication under the Internet of Things environment, and in particular relates to a device anonymous identity authentication method and system for the Internet of Things. Background technique [0002] At present, the concept of the Internet of Things (The Internet of Things) has been developed for nearly 20 years since it was proposed in 1999. IoT was originally defined as the interconnection of all items with the Internet through information sensing devices such as radio frequency identification, so as to realize Intelligent identification and management of items. Today, the definition and content of the Internet of Things have far exceeded its original concept, that is, everything is digitized, networked, and intelligent, and the relationship between things, things and people, people and people, and people and people is realized. More intelligent and efficient information interactio...

AI Technical Summary

Problems solved by technology

[0007] In 2011, Vaidya et al. proposed an implicit certificate authentication scheme based on smart home. This article uses the implicit certificate as the public key of each device. The certificate is issued by the certificate authority. After passing the verification steps, the two entities The session key is established between these entities, but the identity of the device in these entities is propagated in the network in plain text, and this scheme cannot resist device tracking attacks

In 2013, Sahingoz et al. proposed a multi-level dynamic key agreement, which is based on asymmetric key negotiation and ECC encryption. In this scheme, each device negotiates with adjacent nodes to complete the verification and signature of data, increasing the The amount of calculation is increased, which leads to serious energy loss of nodes and shortens the life of nodes

In 2014, Liao and Xiao proposed an authentication protocol based on elliptic curves, which integrated an authentication server, but this method was pointed out by Peeters and Hermans that it was vulnerable to server simulation attacks

In 2017, Wang et al. proposed an ECC-based authentication and key agreement scheme for the Internet of Things. Through the analysis of its protocol, it was found that the protocol proposed by this scheme cannot avoid traceable attacks, and attackers can easily obtain the device's Uniquely identify and track devices

[0009] (1) The perception layer of the traditional Internet of Things has problems such as heterogeneous device interconnection, low hardware cost, limited hardware resources, massive access, and open working environment, which leads to the perception layer as the underlying support and data source of the entire Internet of Things architecture. Its security needs are more prominent

[0010] (2) In the open environment of wireless sensor networks, the exposed physical space of the terminal equipment is more vulnerable to physical operations, such as node capture attacks. The attacker obtains information such as keys stored in the terminal and forges leg

Images